AirWatch for ios Devices

Overview

What is AirWatch

AirWatch is the mobile device management (MDM) system provided by UMHS to ensure security for smart phones and tablets that connect to the UMHS

environment. AirWatch provides service to its mobile device customers through the following:

 A user portal to self-manage devices in cases of theft, loss or a forgotten passcode.

 An enhanced security profile designed to ensure proper safeguards for protected information.  The ability to publish applications to enrolled

devices.

 Devices enroll in one of two different profiles, MiChart or UMHS, to access recommended applications such as Epic’s Haiku or Cisco’s AnyConnect VPN application.

 Rich reporting for asset tracking and compliance audits.

In order to access your UMHS Outlook email, calendar, and contacts on your mobile device, AirWatch enrollment is required. Otherwise, you may only access these services through Outlook Web Access.

Requirements

Supported Platforms and Devices

applications, or security features. Some devices will not function with AirWatch.

This document provides directions for iOS devices only; however, AirWatch is supported on the following platforms:

 Apple iOS 6.0 or higher (preferred)

 Android by HTC, Samsung, and LG running Android version 4.0 or higher

 Windows Phone 8

Before You Begin

Make sure your device is fully charged and plugged into a charger.

 Remove existing UMHS Outlook connections.  Back up your data. This process varies among devices and manufacturers. Please follow the manufacturer recommendations for data backup.  Have a 6-digit alphanumeric or all numeric passcode

ready for your device.

 Know your UMHS Uniqname and Level-2 password.  Know your Apple ID and password.

 Verify stable internet connectivity or join the UMHS-802.1X Wi-Fi network.

Remove Existing UMHS Outlook

Connections

This is only required if you currently access your UMHS outlook email on the device.

Before you enroll in AirWatch, you must remove any pre-existing Outlook/Exchange connections already on your device – otherwise the new AirWatch connection to Outlook/Exchange will not work properly!

1. Tap Settings.

2. Tap Mail, Contacts, Calendars.

3. Select your Exchange account under your Accounts. 4. Tap Delete Account.

 The Delete Account message appears. 5. Tap Delete again to remove all of the account’s

content.

6. Return to the Home screen.

The AirWatch enrollment process will restore your UMHS Exchange email connection. If existing connections are not removed prior to AirWatch installation, the enrollment process may generate an error or duplicate a connection to UMHS Exchange. If you forget this step and have a duplicate connection, un-enroll from AirWatch and delete any remaining UMHS Exchange connections, then re-enroll in AirWatch.

Join the UMHS-802.1X Wi-Fi Network

It is preferred that you enroll in AirWatch while you are at a UMHS facility. Wi-Fi is available through the UMHS- 802.1X Wi-Fi network.

If you wish to enroll at home or outside the network, ensure sure you have a strong Internet connection before beginning. Go to Settings and connect to a Wi-Fi network. 1. Tap Settings.

2. Tap Wi-Fi.

3. Select the UMHS-802.1X network from the list of available Wi-Fi networks.

4. Depending on your device, enter your Uniqname in either the User name field, and your Level-2 password in the Password field.

5. Tap Join.

Enroll your Device in AirWatch

Download the AirWatch MDM Agent

1. Tap to open the App Store.

2.

Type AirWatch into to search field and select

the AirWatch MDM Agent app.

3.

Tap Get.

4.

Tap Install.

5.

If prompted, enter your Apple ID password and

tap OK to authorize the download.

Enroll Your iOS Device Using the

AirWatch Agent

1. Tap the AirWatch Agent app to begin enrollment.

2. Select Email Address for the Authentication Method.

3. Enter your @med.umich.edu address. 4. Tap Next.

5. Select either UMHS Standard or UMHS MiChart from the drop-down menu.

A. Select UMHS Standard if you wish to access Exchange only.

B. Select UMHS MiChart If you plan to access Exchange and MiChart using the Haiku or Canto apps.

6. Tap Next.

 The User Credentials screen opens.

Authentication, Device Details, and

Terms of Use

1. Enter your Uniqname and Level-2 password. 2. Tap Next to initiate the login process and complete

3. Select the Device Ownership setting that is appropriate for your device.

 Corporate – Dedicated  Corporate – Shared  Employee Owned 4. Tap Next.

These categories are only recorded in the AirWatch system and do not differentiate what services or policies apply to the device.

5. Review the Terms of Use and tap Accept.

 You are prompted to Enable Device Management.

6. Tap Redirect & Enable

 A screen appears briefly

stating the device will

begin installation of your profile.

 The AirWatch Install Profile prompt appears. 7. Tap Install.

 If you have a passcode on your device, you are prompted to enter it at this time.

9. Tap Install.

 A Warning message appears regarding personal data collection. This is a standard message added by the manufacturer.

10. Tap Install to proceed.

 A Remote Management message appears.

UMHS and AirWatch will NOT and CANNOT collect any data related to phone calls, texts, installed applications, or web browsing. These capabilities have been disabled and there is NO remote management!

In addition, location of the device will not be monitored, although GPS may be enabled by the user.

11. Tap Trust.

 The Profile Installed message appears.

12. Tap Done.

Authentication and AirWatch Enrollment is now complete. The AirWatch Client displays your device showing your enrollment status.

13. Tap Done.

 A window appears stating “Agent” Would Like to Send You Notifications.

14. Tap OK to accept Notifications.

 This permits UMHS to send you alerts and important notifications.

 The UMHS Exchange account is now being synchronized with the device.

Security Policies and Device

Encryption

If the passcode used on the device is not in

compliance with

,

you will be prompted to change your passcode.

If a passcode change is required, your passcode must be changed within 60 minutes.

1. Tap Continue to change your password if the Password Requirement window appears.

2. Enter your current passcode. 3. Tap Continue.

4. Enter a 6 digit passcode. 5. Tap Continue.

6. Re-enter your 6 digit passcode. 7. Tap Save.

When you set your passcode, be sure it is something you’ll remember. 10 failed login attempts will result in the device being wiped as a security precaution!

Passcode Policies

 Passcode length = 6 (this could be all numbers or alphanumeric)

 Passcode history = 13 (this means each time you set a passcode it remembers the previous thirteen entries and will require a new, unique value)  Passcode age = 365 days (after which you will be

required to set a new passcode)

 Number of failed login attempts prior to device wipe = 10

 Auto Lock = at least 5 min (user can select more secure value)

 Grace period before lock = at least 5 min (user can select more secure value)

Additional Security Policies

 The screen capture function is disabled on iOS devices when the device is enrolled using the MiChart profile.

 Diagnostic data will not be sent to Apple.

Additional UMHS Apps

Once AirWatch installation and authentication is complete, the UMHS Apps icon is available on your Home screen.

1. Tap UMHS Apps.

 A webpage opens, displaying available UMHS apps.

Enrolling in AirWatch automatically installs the Cisco AnyConnect VPN Client app. This app enables you to remotely access UMHS file servers, internal web pages and other resources.

Access Your Exchange Account

1. Tap the envelope icon to open your Mail app. 2. Tap Exchange.

 The Password Required prompt appears. 3. Enter your Level-2 password.

4. Tap OK.

 You should begin seeing your UMHS Outlook emails being downloaded to your device. The AirWatch install is complete and your phone is ready for normal use.

Un-Enroll your iOS Device from

AirWatch

If you un-enroll from AirWatch you will not be able to access your Outlook Exchange email, calendar, or contacts. The only way you will access these services is via Outlook Web Access on a browser.

1. Open the AirWatch agent app. 2. Tap the picture of the device. 3. Tap Device Enrolled.

4. Tap Un-enroll.

5. Tap Yes to confirm you want to un-enroll.  If you select Yes, all AirWatch associated

policies will be removed, the Exchange connection and its data will be removed, and any apps installed via AirWatch will be un-installed.

 Manufacturer-specific plug-in software or downloaded applications are not be removed automatically.

Additional Resources